Описание
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Ссылки
- PatchVendor Advisory
- Patch
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.07389
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 20 лет назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
redhat
больше 20 лет назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
debian
больше 20 лет назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attack ...
github
больше 3 лет назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
EPSS
Процентиль: 91%
0.07389
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other